Holla Forums's Guide to OPSEC

Vault 7 has shown us how necessary proper Operational Security (OPSEC) is. And yet many of us lack a strong grasp on the concept. We may know about using a VPN and disabling javascript, but that's usually the limit of our understanding. Now is the time to create a guide.

and etc.

For those who can't contribute due to a lack of knowledge, I've included a few resources for you below.

dodea. edu/offices/safety/opsec.cfm
blogsofwar. com/hacker-opsec-with-the-grugq/
grugq.github. io
aaronswartzday. org/opsec/
opsecprofessionals. org/free.html

Other urls found in this thread:

privacytools.io/
addons.mozilla.org/en-US/firefox/addon/refcontrol/
*www.gasthekikes.com/
gasthekikes.com/
wiki.
archive.org/details/CIAWIKILEAKSVAULT7
mpv.io/
without-systemd.org/wiki/index.php/Arguments_against_systemd
recon.cx/2014/slides/Recon 2014 Skochinsky.pdf
thatoneprivacysite.net/vpn-comparison-chart/
gasthekikes.com
example.com
addons.mozilla.org/en-US/firefox/addon/archiveis-now/?src=api
github.com/muzuiget/referrer_control
wiki.installgentoo.com/index.php/Firefox
wiki.installgentoo.com/index.php/Anonymizing_yourself
archive.fo/j3nHC
archive.fo/zd6Cn
archive.fo/VUWlS
github.com/jedisct1/dnscrypt-proxy/blob/master/README-WINDOWS.markdown
8ch.net/tech/chrome.html
panopticlick.eff.org/
templeos.org/Wb/Doc/Demands.html

ibtimes.com/nsa-has-planted-surveillance-software-deep-within-hard-drives-2001-kaspersky-1818398
archive.is/3RHSk
gnu.org/software/gnuzilla/
softpedia.com/get/Others/Font-Utils/ZXX.shtml
8ch.net/tech/ddg.html
en.wikipedia.org/wiki/Neurodiversity
arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/
techblog.willshouse.com/2012/01/03/most-common-user-agents/
wiki.installgentoo.com/
dnsleaktest.com/
kmuto.jp/debian/hcl/
tls.mbed.org/
blog.invisiblethings.org/papers/2015/x86_harmful.pdf)
wired.com/2015/07/researchers-hack-air-gapped-computer-simple-cell-phone/
theintercept.com/2016/10/17/how-israel-became-a-hub-for-surveillance-technology/
counterpunch.org/2009/03/12/israeli-spying-in-the-united-states/
wired.com/2016/11/great-now-even-headphones-can-spy/
kb.mozillazine.org/Locking_preferences
en.wikipedia.org/wiki/Intel_vPro
sierrawireless.com/products-and-solutions/embedded-solutions/iot-modules/
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c2557a303ab6712bb6e09447df828c557c710ac9
0bin.net/paste/yRlpgQFSRbDUOkuk#j5oHmeKo7frq-EcYKfssMeA3r2s4eAKDQ6mDVTyoSj5
archive.org/details/OPSECMEGACOLLECTION
twitter.com/SFWRedditGifs

...

privacytools.io/

Being a big guy and using TempleOS is the only thing that can keep you safe from CIAniggers.

Browser Security Tips

1. Google is pozzed by CIAniggers, so don't use Chrome.
2. Use Mozilla, which is more privacy friendly and hopefully not secretly pozzed.
3. Harden your browser by changing its settings according to this tutorial: http:// archive.is/aof3F
4. Disable Javascript by default and use it selectively.
5. Do not use the same browser for trolling that you use to check your irl email or other accounts.
6. Be very selective with the addons you install, as many are likely compromised.

Just about everything is compromised, from the hardware up.
Even if you manage to get safe components and an OS environment that isn't fucked you have to worry about every device between you reaching the internet (Modem, Router etc…)
Or any hot devices you've surrounded yourself with.
Basically if you're using anything modern with networking you're likely not even close to safe.
Assume that to always be the case, if you want a digital medium to have private thoughts you need something "sandboxed" with no network capabilities.

do you know how we could harden our modem/router to prevent spying on that level?

Make our own, make our own everything.
Have a locked down normie-mode for connecting to regular open networks.
Keep our systems insular at all other times.
Putting Tomato or DD WRT (or something similar from scratch) would only handle the software aspect, the hardware could still be doing nefarious things.

not a bad idea. wish i could contribute

Been thinking on switching from Firefox to Palemoon, both on my Windows and Androyid devices. The latest versions have never failed providing me ungodly amounts of lag 1 hour into browsing.

I've had good experience with Palemoon on both, but some of muh addons aren't on it. Will probably be worth the less lag anyway.

looks nice am d/ling now

LURK MOAR FAG. REAL PLAY IS BOMBING THEM

anons recommend a VPN. I am ready to switch from the one I use

Will dump related content while I'm here. Most of the tips in pics related have been tested and used on my device, however the mods for Firefox lower accessibility on most sites including 8ch. You can however change them to fit your preferences.

yEAH WHY DON'T YOU LET ANOTHER GROUP OF jEWS READ YOUR SHIT AND SELL IT ON THE BLACK MARKET . nigger

Private Internet Access is pretty good
*checked*

nice

For the referral-phobic autists here that includes me, you can use RefControl to either completely block referrals or send empty ones so your address doesn't get tracked.


I got this list here, don't know how accurate it is though.

Link for Firefox addon:
addons.mozilla.org/en-US/firefox/addon/refcontrol/

thanks

Is there a list of vpns that haven't been compromised?

I don't know shit about VPNs, but this guide may help you finding one.

find*

It's as pozzed as Chrome now.

So has anyone looked I to Brave as a browsing alternative? It was created by the guy who founded Mozilla. I haven't trusted Firefox for awhile now, ever since he was ousted for now supporting aids rights.

Not quite, but definitely going that way. After its founder was literally fired for supporting a pro-normal marriage organization, things started going down the shitter. However, Firefox has a lot more customizability and privacy-enhancing features than Chrome, and a much less shady track record.

There's some truth to what you're saying though, definitely. Firefox is getting paid a LOT by Google to have Google as its main search engine.

so what to use?

As someone that has an immediate need for privacy here is my setup using virtual machines:

Linux Host / VPN always on for casual browsing
Virtualbox using internal networking
pfsense router software running in VM / internal network interface (lan) / another interface bridged to physical nic (wan). Though if you route it through your host nat you essentially get double vpn protection.

pfsense connected to secondary VPN provider and firewall configured to only allow traffic through VPN port to avoid accidental clearnet routing. This virtual router, if properly configured, will prevent IP leaks.

Secondary Linux desktop in VM with only internal virtualbox network interface, the same one pfsense uses. I use this desktop for browsing everything I want to keep absolutely private. You can either use a static IP or configure pfsense for DHCP

Firefox addons: noscript, canvas defender, https everywhere, privacy badger, disable webrtc, adblock pro, self destructing cookies.

I'm sure this is not perfect and I am no networking expert but this should partition off your secure normal browsing with sandboxed VM that can't leak your real IP and has a totally different fingerprint. Also check out Whonix for a more secure Tor experience, I based my VPN config on the isolation model it uses.

Ultra paranoid? Use Qubes. Snowden uses it.

Help me, I usually use an Android tablet for browsing this page; for shitposting on FB, twatter and cuckchan. And the biggest library of memes is actually on there, as it is easier, faster and more comfortable to shitpost on there than on a notebook.

I usually use Orbot, but it's obviously not enough for security; what do Holla Forums? Any ROMs for it?

sounds awesome but i dont understand any of this

It's slower than furfagfox and botnet but it still works. If he can get more funding maybe it can compete. But it works so there's that. Try it out for yourself.

You need to write some guides or create some infographics.

You need to write some guides or create some infographics.

How to correctly break links:

Put two asterisks between the https and the "www".

*www.gasthekikes.com/

Waterfox, Firefox is still good but it's been kiked after they went full SJW and fired its own CEO because he was a conservative.


Fucked up with the asteriks.

gasthekikes.com/

I'm thinking about NordVPN, but I'm not too sure. I do use a private e-mail provider (neomailbox) though.

Why do you need OPSEC? Nothing on this site is illegal or even questionably legal after the CP purge. I use noscript and adblock as a personal preference but I've long assumed anyone that wants to see what you do online can, with some effort, no matter what you do.

If you really want to hack the planet and do crazy cyberwarfare, then go to MIT and get educated by professionals in computer science. An 8ch thread on "how2hack" is gonna be useless at best and harmful at worst.

I'm also waiting for Brave, but it doesn't seem to have a good momentum.


But how can we delete our old information that these agencies still have? It's impossible, right? My 12 year old me created a lot of accounts that probably give a lot of personal information, including photographs.

Why don't you get out instead you CIAnigger?

You guys might want to use Linux.
I personally use Mint due to how easy it is to setup. You might want to install VirtualBox so you can try Linux out first before reformatting your PC.

wiki. installgentoo.com/index.php/Firefox
wiki. installgentoo.com/index.php/Anonymising_yourself
wiki. installgentoo.com/index.php/Encryption

Please note that some advice from installgentoo may be a bit dated

Opsec means you are carrying out an operation that requires operational security. Browser plugins aren't going to help with that.

The most important thing for opsec to keep flawless separation between you and your operations. The easiest way to do that is to have a separate computer for operations that you have virtual machine software installed on and use Tails inside that virtual machine. Don't use that computer for anything except operations and don't touch anything to do with your operations outside of that VM running Tails.

Linux isn't safe from the CIA either, it doesn't even matter what OS you use, the botnet has been on your hardware for a while now.

Impossible. All you can do is try to drop off the normiesphere or try to appear as a good citizen.

There are no white vans coming for you unless you are a dumbass and commit offenses using your real IP. There are millions of other people out there, just don't be the nail they'd want to hammer down on.

Whonix for VMs and Tails for traceless USB boot.

Your birdie brain is conjuring strawmen from the aether. If all you want to do is OPSEC your porn browsing habits at work then go ahead. No one can OPSEC themselves from concerted state effort and all illegal activity must benefit the state or it is stopped.

But let's say that one day I want to run for office (any office, maybe even senator), how can I stop them from blackmailing me that I used to watch tranny porn

I doubt they're going to use this one against you, it's more likely they'll dig out where you called someone a nigger rather than give you something that'll give you bipartisan credit with the left.

Tails doesn't automatically spoof your MAC address on boot. It's better to use it in a VM than USB boot. With a VM you can easily configure the VM to spoof your MAC. Virtual Box has a checkbox to spoof the VM MAC address when you set up a VM.

Request a FOIA dossier on yourself from the FBI? The ability to correlate IP to identity from private sites isn't here… Probably. Unless you ordered shit with a credit card you're probably good, even then.

(checked)
Kek, I don't do it any more though, on NoFap. I'm not proud of masturbating, but I'm proud of leaving it behind.

Nah man, just things you can google.

Whonix is still a better VM option as it uses a hardened intermediary VM to route TOR traffic. The workstation component is completely isolated.

So I have been using my laptop for everything (banking, shitposting, emailing, work stuff, everything). No VPN or whatever.

If I have all my saved .docs and .pdfs and .pngs and all that on an external HDD.

if I format my laptop and start over with qubes and VPN and tor and all the super security stuff, is it safe to put the old files on my computer? Or do all my saved pepes have viruses and embedded CIA-cp?

Sure, but if every single autist out there had good OPSEC, CIAniggers would have to work a lot more for their info, stretching their time and resources.

Also tails spoofs mac address by default

If you use qubes you can put the files in a separate VM if you want, isolating the elements you deem risky.

Qubes is not a great desktop experience. It works but it takes a bit of configuring and is a fairly big tradeoff in functionality. I installed and deleted it.

Linux Mint is a good desktop experience that has an option for full disk encryption. You can do a lot of what Qubes does by using virtualbox. It all comes down to need and paranoia.

If you install using disk encryption make sure you enable the disk wipe option during install, slow but otherwise you'll possibly still retain old data. You can also use DBAN tool to write over your disk. If you use a SSD instead of a traditional hd there's a secure reset command you can issue to the hardware which is probably better than wiping the disk.

The only thing you need tbh. That and Quicktime media player.

Qubes os.

I wouldn't use anything based on Ubuntu LTS. Simply because of security through obscurity. That's not something you can rely on it but it can help. Most 0days for Linux desktops will be made to exploit software running on Ubuntu LTS. Because Ubuntu LTS is so widely used and only updated every 2 years.

I actually doubt this is true. The Autist'e is idolized around here but largely they are an incapable lot. If they are doing something illegal and haven't been taken down its either a) the significance of their activities aren't worth prosecuting or b) whatever they are doing and why its illegal is too difficult to explain to a jury. Largely autists just drown themselves in porn and porn is most likely the motivation behind this thread tbh fam

Debian is always an option. Or one could go full on sperg and install *BSD.

And this is just my personal opinion. Security through obscurity isn't a valid form of security. Don't let me stop you from using Ubuntu LTS if you want to.

CIA WIKILEAKS VAULT 7.zip 1.8 GB

archive.org/details/CIAWIKILEAKSVAULT7

Oh it's you again.

mozzila a shit. use the alternatives like palemoon or waterfox if you need to have firefox.

I use opera, mite be checkin out brave soon. its from the guy who made the original firefox good before it was pozzed

Firefox is shit, but Pale Moon is outdated and plugins don't work because it's now branching out from the main Firefox development, albeit slowly.

I didn't use Waterfox to have an opinion on it.

My home server uses FreeBSD

Everything you do electronically is monitored no matter what steps you take or OS you use.

Yeah. Been playing with Palemoon. I really like it so far. And brave isnt bad. Very good on system resources.

Which Linux distro for everyday use?

Ubuntu

Well TBH, I'm setting up a hosted server that requires high security and I may consider using FreeBSD in a Xen vm for apache stuff.

That doesn't work for all browsers you dopey kike.

Since CIAnigger Vault showed that VLC is compromised what do you anons think of mpv.io/

fucking millenials, they might be even worse than boomers.

on topic tho, I haven't been following infosec news since heartbleed because I've had other things on my plate. I don't feel like redoing my setup but it seems like it might be time. I'm just not sure it's worth the effort, I generally just assume everything is compromised so that adds a bit of lethargy to updating my setup bc what's the point. sorry if this shit is pleb tier, it's been a while

a few minutes early*

Preferably one with no CIAniggers…

FYI if you a Linux distro that uses systemd as an init then you're already owned. systemd was created by a faggot named Lennart Poettering, known for writing shitty buggy code (PulseAudio). Poettering is an SJW who works for RedHat, a company with known connections to the NSA, CIA, and other intelligence agencies. Poettering and RedHat forced systemd on other distros, it was adopted by Debian despite massive pushback, and it was literally in almost every Linux distro overnight.

systemd runs at PID 1 and has a massive attack surface because it touches nearly everything. If you don't want to be pwned right out of the box then you need to use an alternate init system like OpenRC.

without-systemd.org/wiki/index.php/Arguments_against_systemd

If your doing anything that needs strong opsec on an internet connected PC then you have no grasp of the concept.

There is a reason the Kremlin switched back to typewriters a few years ago. Intel ME renders anything you do with OS's, VPN, VM's, etc useless if its activated. It has direct access to the RAM, video hardware, and NIC.
recon.cx/2014/slides/Recon 2014 Skochinsky.pdf

found this recently, to compare several important infos about various vpns
thatoneprivacysite.net/vpn-comparison-chart/

Also. ublockorigin plugin on Opera is much better than APB for firefox. Opera has a built in free VPN you can toggle on and off, pick from a few choices so it's better than nothing at all.

Either there are a lot of narcissists or everyone is just psycho but the reality is no one is spying on you because you don't matter.

arch linux has a distro which doesnt use systemd as default

https:// sourceforge.net/projects/archopenrc/files/arch-openrc/

How to correctly break links:
Put two asterisks between the https and the "www".
Delete the entire http:// part of the url
gasthekikes.com

seriously though strong opsec and high technology are basically incompatible these days. Even a burner can be used to track someone physically and the only secure computer is one that, ideally, is unplugged from the internet, electricity, and doesn't actually exist. Even cars and tvs are potentially compromised. imo the amish probably are the best example of ironclad opsec right now


checked

that's not the point
the point is that, as they store and index everything about everyone, the instant someone who previously didn't matter is in position to do something important, they can control it with everything they have on him
the day you're a witness of some weird ritual between a rich old kike and a little girl? blackmailed into silence with the tranny porn you posted 10 years ago
the day you have a chance to get hired at an above-wageslave job? the company gets a competing cv from the kid of a deep-state insider as well as infos about your taste in bdsm porn
the day you're fed up being trampled by uppity niggers and/or arrogant sjw hipsters in everything you attempt because someone gives them timely infos to help them fight against your white male priviledge? the predictive programming analysis of your file will place the right trigger-happy nigger cop doing random car checks on your way home

your attitude is the pendant of "I don't have anything to hide"
if you keep it that way, you won't ever have anything worth hiding

And lets not forget everyone ITT is posting on this evil neo-nazi pedo white supremacist etc etc site known as Holla Forums.

Forget porn shit. How about having ever post you have ever posted on this and sites like this indexed and cataloged in to a nice searchable database?

Even this isnt suggested, these firmwares get installed due to a vulnerability on the router itself. CIAniggers know this and most likely figured out how to exploit them. Remember "Lizard Squad"?

This is scarily accurate. Nothing possible to avoid the root hacks they have for hard drive firmware and router firmware, plus operating systems, plus antivirus (but at that point you're on windows and hopelessly fucked anyways), plus auxillary devices (android/iOS/TV on network that could be hijacked to launch remote exploit), plus in-memory hacks, plus BIOS/motherboard firmware rootkits/exploits, plus the upstream leaks at compromised ISPs and NSA monitored backbone switches, TOR exit nodes compromised… It's just all fucked. If they want to fuck you up, they will fuck you up.

You can make their job a lot harder with QubeOS or Tails though. This should really reveal that Trump is right when he says that truly important data must be face-to-face or physical (ie. note) exchanges. If you're on the shit list, these exploits basically cover every single layer with every kind of threat vector imaginable. I'd say the best defense at this point is perhaps flooding with innocuous traffic or using so many devices that they don't know which to target. You need to think beyond OpSec in a literal way and find a better defense that wastes their time or makes it too difficult to pinpoint. Making one obvious hardened vault will give them a clear target, and I don't think there's any amount of OpSec that will prevent them from breaking that vault if they find it.

Nobody has a clue how many devices out there (including enterprise routers, telco equipment dslams etc…) use a form of thier own homemade *nix with systemd on it.

Even if you figured out how to "secure" your home network, you're still insecure.

...

Buy a box and put pfsense or untangle on it.

Yes. The one that has to run as a virtual machine on top of a CIA-compromised host OS. Totally secure.

as much as I prefer mpv over vlc, this intrussion probably wasn't vlc's fault. it's just that vlc is a very popular multiplatform player, and it makes sense for 3-letter agencies to distribute their own compromised version of it on non-official channels (and not release their trojaned sources, in violation to the vlc license)

Don't blame VLC because CIA are targeting them, they aren't the bad guys, you need to speak for people that VLC is not in the evil side, they were just targets of CIA.

What about ham radio modems?

But if the link is https you absolutely must not simply delete the https:// or you risk having anons access the site in the clear (if only for a redirect) and/or getting a 404.

Make it clear that the link is https:
example.com

im not saying its their fault, but we're not here for feels. Thread is for spreading more secure opsec around and if VLC is caught in the crossfire so bet it, everything is a moving target. When you stay complacent and centralized and get fucked, like (((Cloudfare))) recent.

This is why you have https everywhere installed

For anons using firefox or a clone of it, use this for archiving.is quick and easy.
addons.mozilla.org/en-US/firefox/addon/archiveis-now/?src=api

Use this plugin so you dont have to be an autist over breaking links.
github.com/muzuiget/referrer_control

It's not very white to leave virtual landmines sitting around for anons to inadvertently trigger.

I meant that the reason why you have https everywhere installed is so you don't get fucked when accidentally clicking on a nigger's link

From what I keep reading from all you techfags is that it seems there will be no chance of true opsec. I don't really care honestly if the CIAkikes
watch me browse Holla Forums

If your operating system isn't proactively secure, how can you ever hope to be
if you need most of the web to be usable run firefox/icecat/palemoon with the tweaks recommended by wiki.installgentoo.com/index.php/Firefox . In fact the install gentoo wiki has a lot of good relevant info on this page wiki.installgentoo.com/index.php/Anonymizing_yourself

...

...

Compromised by CIA nigger bronies. see the sticky.

Best OPSEC is to not OPSEC so you don't look suspicious.
Everything is compromised.

Don't let perfection become the enemy of the good. All these opsec techniques make it harder for your data to be accessed. Furthermore, non-state actors like antifa who would like to kill you, character assassinate you, have you sent to prison, etc, *don't* have access to zero day hypervisor exploits, intel ME backdoors, etc.

Btw, everyone knows that any exposed ports with DMA access are just asking for it, right?
blog.frizk.net/2016/10/dma-attacking-over-usb-c-and.html


Makes sense.

This grill looks like an Ayy Aryan.

tfw no aryan alien gf

Exactly. Thank you. Perfect security is impossible: if you think you have it you're a retard.
Making yourself not low hanging fruit is important regardless.

I don't get it.

he covers the cameras and plugs in a microphone and cuts its head off.

Covering the camera with tape is the only way to be sure. Blocking access to ports is important for security, but true believers don't just use tape… they fill the port with superglue or destroy the trace on the motherboard.

Exactly!

I am a regular guy. I have a nice wife and we have a child and another on the way. She works a regular job and we live a normal life. We talk to the people in our neighborhood, shaking hands and smiling, learning their names and doing normal things. We don't stand out. We don't do strange things. We don't belong to fetish communities, we don't swing or swap. We are a loving family in a normal home. There is no part of us that you could look at and see anything other than "normalfag". We don't wave flags, we don't protest. We make sure to check CNN at least once a day. We order things from Amazon like diapers and flavored coffees and comfortable shoes. We have Facebook pages and share family pics on Instagram. I have a tumblr blog where I share recipes.

We are, for all appearances, absolutely normal. Nobody will ever suspect a thing.

archive.fo/j3nHC
archive.fo/zd6Cn
archive.fo/VUWlS
github.com/jedisct1/dnscrypt-proxy/blob/master/README-WINDOWS.markdown
8ch.net/tech/chrome.html

hello shills

I don't recall telling anyone to use any particular apps or tools, nor did I tell anyone not to do anything. I merely expressed that I have found a way to hide in plain sight.

so paranoid anons: how to turn OPSEC into profit when no one cares about OPSEC? As a skill you won't even know if it was worth it until they start black-bagging people en masse and they take you anyway

Infosec is basically shilling appliances and doing retarded checklists created decades ago.

>>>/suicide/

kek, come to >>>/polk/ if you don't want to get v& and don't want to post with little cuckchan kiddies.

It's like a mask. Giving off every appearance of being perfectly normal. They don't pay any attention to the normalfags.

>everything you do is tracked if not by you, then by others

If they can't find any incriminating material they can just manufacture it by now.
Considering this the most logical way is to apear like a low threat to them.

Funny how both of you showed up around the same time, and advise against following any opsec a good while after it's been discussed.

They're incompetent morons user, look at all this autism they tried to manufacture against Trump.

Remember that a 4chan fabricated leak about Trump's prostitutes pissing on Obama's hotel bed was supposed to be their killshot against Trump, a last ditch effort to prevent his inauguration.

You secure shit as a service.
Tell people it's to prevent other people (think shops that reformat your PC or vengeful exes that know their passwords) from retrieving and distributing their nudes.

Erm, I’m not sure how to tell you this user but…. I think you may actually just be a normalfag.

Something is better than nothing.
Sure even with encrypted disks and files the only thing people have to do is pic related, and if you are truly targetted by governments then you're pretty much fucked.
Still, Snowden still got away using Tails and Signal.
Disabling javascript and making yourself more secure than others also helps against third party companies who sell your data.

I just unplug it.

I guess a more refined way would be to make a hardware switch for it though.

PGP is important.

Seeing what the loonix forums are saying and downloading openBSD just in case. Fuck this sucks.

this faggot is not even a shill. he's a cuckchanner.
if you don't want this cancer in your threads come over to >>>/polk/ since the hotpockets here encourage this type of posting.

...

>mfw serious OPSEC was shown to me many, many moons ago by my best friend. He was always a bit paranoid, but when he turned his photography hobby into a position on the school yearbook for the sole reason that he wanted to minimize his appearances in the yearbook… well.. he did it! nowhere in our sophmore, junior or senior yearbooks is a recognizable solo picture of my friend. This is the only weird thing about his highschool days, everything else is max normie. YOU tell me was he crazy? or crazy like a fox?

So, are we going to start shit posting on home built amigas and using BBS's again?

I have always presumed so. I envision a world with somewhat impressive tech and none of it usable as it is totally poz’d.

I'm kinda drunk, but would this not work?

Considering you can just use some sort of ancient technology on VoIP or some shit?

Just thinking out loud, dial in BBS's for example. and ensuring that you have a traditional copper (not voIP) landline.

Because, aren't the laws for wiretaps way more clear than the new generation of spy shit?

inb4 reddit spacing. I didn't expand the small box, so I thought my lines were bigger than they were. I'll say three hail keks for my sins. I thought it was paragraphs.

I don't think it works that way.
Ancient tech still have their vulnerabilities because they are no longer supported.

Is it time to form a new branch of Holla Forums's glorious imperial memetic forces?

A very important thing to remember about OPSEC. If you live in the big 14 and patent any software that has "intelligence or military applications" means the government can lay claim to that tech.

This manifests as most, if not all, OPSEC measure we employ are broken in some way. Basically CompSec stuff only enters the public market after a state actor breaks it. We can obfuscate, but being completely invisible is neigh impossible for the layman.

However, their capacity to analyze the take is still limited, meaning much of our shit gets overlooked.

A coreboot x60 (atheros wifi) running openbsd (personally I just stick with linux) with minimal contrib is a fairly safe setup for less than $100.
Everyone should be using uMatrix, you should view JavaScript just as any other executable code.
ok. so I disabled JS and use a VPN, am I safe?
lol no, your browser has a unique finger print that can easily identify you.
panopticlick.eff.org/

how are they going to track you? They have a harder time wiretapping phone lines to record pone calls than they do owning your devices. Dial in bbs is that.

Say people start mailing 5" floppies to eachother, or something similar. The leaks prove people are tarded

How fucked are some of us anons who have never worried about our privacy? I've always thought this sort of thing was silly to worry about unless you were searching for CP

IT here, and I don't mean to sound defeatist, but from the initial reports coming out all major OSes were compromised. That means it doesn't matter if you were on Ubuntu and were using TrueCrypt. If they were in on you at the Operating System level they'd be able to skim your RAM (working memory) in real time, seeing everything.
At this point, the only OPSEC is to assume every platform is compromised, even in person (who has a mic on them? Who has a phone? Gaming device? TV nearby?).

always have a VPN

other then that if you arent getting up to stuff you shouldnt (CP), its not a big deal.

...

You guys can do much better than this. You need to basically set up accounts so the pozzing works in your favor.

Find someone in the phone book.

Create all your profiles and fill everything out so you look like THAT person. Create some social media etc.

Never do your OPSEC stuff from home or work. Use somebody else's wifi.

If you do it right all roads will lead back to Debbie, and they'll be compiling a fat dossier on HER and not you.

When you see them come for Debbie you'll know it's time to switch it up to one of your other ID's.

The flaw in all of this data mining is that it assumes that the mined data is correct. You need to be doing ID fraud-esque spoofing, not trying to hide.

*Don't hide, misdirect…*

Find one located outside of the 14 eyes because even if they claim they don't keep logs their ISP might. Outside of the 14 eyes they're not going to have to comply with shit. Pay with gift card or bitcoin. Stop using windows and either go with Linux from Scratch, Gentoo, Arch or something along those lines.

You're half right. Build your own distro don't install compromised software and theoretically you're probably okay. Tbh I haven't trusted ubuntu in years. Rest of what you said is spot on if you're truly trying to hide then leave the smart phone behind and don't have important conversations near anything with a mic or camera

For me it isn't so much thinking I am actually secure but the pleasure I get knowing they have to work a little harder for it. Same principle as the guys screeching into their mics I guess

Firefox addons you should probably be using:

uMatrix - Best content blocker out there. Set your permanent rule file to this when you first install it (click the uMatrix icon on the toolbar, then click the tiny gear icon on the top left corner of the popup menu)
* * * block* * cookie block* * css block* * frame block* * image block* * other block* * plugin block* * script block* * xhr block* 1st-party css allow* 1st-party image allow
This blocks everything by default, and only allows css, and images to be loaded from the same server you're accessing. In other words, if you go to 8ch.net/pol/ then uMatrix will only allow css, and images to be loaded for requests going to 8ch.net. If 8ch.net has inlined images from another domain, those requests will be blocked. Javascript is also blocked by default, you can selectively turn it on for specific sites.

If you're going to use user agent spoofing to defeat browser fingerprinting, the best way I've seen is to set your UA to the most commonly used one. You can usually figure that out by running your browser through EFF's panopticlick checker and seeing what the most common UA is. Remember that the UA string contains your OS, version, and processor arch, so it's a good idea to change it to something super common, particularly if you're running a non-Windows OS.

Spend some time learning to use uMatrix. It takes a little bit to understand how it works and how to configure it using the matrix UI, and you'll have to fight with some sites to get them to work right, but it's worth the effort to be able to control who can see what.

uBlock Origin - Written by the same guy as uMatrix, primarily functions as an ad blocker. Works a little different than uMatrix so it's good to have both.

No Resource URI Leak - fixes a security flaw with Firefox that allows browser fingerprinting via resource:// URLs.

SSL Version Control - this one might be obsolete with the current versions of Firefox, but it enforces a more strict set of SSL and TLS versions.

Tinfoil - gives you easy access to a variety of security preferences within Firefox. It explains what most of the settings do so you can make an informed decision about whether to turn something on or off.

CanvasBlocker - useful on pages where you're okay with javascript running but still want to minimize your ability to be fingerprinted. This add-on prevents the JS canvas API from working until you allow it, and it also prevents invisible canvas frame reads. Canvas fingerprinting is one of the most accurate methods, so selectively disabling it is worthwhile. Keep in mind that some interactive sites use canvas to draw things on the screen - not every site that uses it is trying to fingerprint or spy on you. Usually an invisible canvas read alert is a sign that the site you're visiting is trying to fingerprint you.

Holy fuck just don't even use the internet at this point.

Hi CIA!

Posted image is one of those half-truths things we need to get rid of. See

thanks for pointing that out, disinfo works its black magic with partial truths as well

How do you set these Im trying but clicking aint working

Talk for yourself, not every country has free speech.
Half of the Europeans here could probably get raided on hate speech charges.

Set what?
uMatrix? It's pretty straightforward. Everything in green is allowed. Sometimes you have to refresh the page for it to take effect.

How do they get the IP's? does jim provide them on request ?

Keep in mind that the the contact with various nationalist groups, like the Identitarians, is also enough to get you on the list of intelligence agencies here. At that point, a VPN isn't gonna do it anymore, they'll get a trojan on your computer that can read everything you write.

So what OS do I install, everytime I go on /tech someone recommends me one but then another user says its insecure, rinse and repeat.
So which one do I install?

Mint xfce for your daily usage computer.
Try to install most programs from the source if possible.

Tails on your bootable usb drive for a spare used old laptop where you can shitpost.
Block the webcams with sticker,disconnect microphones.

Or we could just not do any of that shit, disband the CIA (and preferably execute them all), and the market work. They are the ones who intervened with threats and bribery to get companies to fuck our shit up. With them gone, and safeguards against some other group filling that void, things would improve on their own.

After we execute them all, then we move onto Switzerland, after that we glass Israel once and for fucking all.

iow hid in plain sight and do anything stupid

pay in cash when possible, cover up your camera - not sure how to physically disable the mic - putting tape on it like cuckerberg seems like a sperg move

browser can be fingerprinted in many ways, use torbrowser to limit this exposure and donate to Firefox for developing better protection against this way to identify people even if you're using vpn, tor, noscript, and are not logged in

flooding with info is a good strategy, not doing stupid shit, and being very careful about doing stupid shit if you do it - hoard some cash, hide things in trusted areas, etc, etc

create fake paypal accounts; i've heard of people getting paypal debit cards with their now fake id - use that to create cover amazon account, ebay account, etc - use that to pay online for stuff or to accept payment from ebay

bitcoin is still too hard to use

if youre inclined freebsd offers some great tools for disk encryption and trusted computing

i saw on a list they are following the v7 stuff to see what they need to fix in their stuff

openbsd for true spergs

but tails image on a live usb drive/shitty laptop from walmart should suffice

do only normie shit on your normie computer (work or home)

Basically everything is compromised nowadays. If CIA/NSA really wants you, they can get to you. The smartest thing would be to encrypt your hard drive so in case police shows up they can't access it. I haven't researched enough to recommend a certain program but there is a few out there that are safe to use.

Use a hammer. You can back up your hard drive(s) and bury it (them) in a watertight container. Destroy the original.

What can I do that doesnt require dedicated autism? I do basic shit like make browsers ask permissions to do certain things, have adblockers, delete cookies, have strong passwords, etc. Beyond that I dont know what to do. Am I missing anything here?

Does using Tor on an android do anyting at all for me, or is it completely worthless?

All of this is predicated on there being a level playing field, which there is not. They don't need to hack you at all, they can monitor everyone at the infrastructure level using DPI. The obfuscation (tor, vpn, proxy) is used to prevent users getting doxxed by disreputable site owners and moderators.

I would think that it would more more effective if would better to either use a or a sludge or ball-peen hammer and use a metal chisel without a handle that was made for hammer use than using a regular claw hammer

No, I mean a Gallagher tier hammer.

kys tor fag


you deserve to be off by 1


Once you get the hang of it, uMatrix serves well, however, most modern sites completely blow ass without javascript and lose a lot of functionality, 8ch included

(1)
404 not found sorry


Yes, hammers work well, just ask Hillary Clinton

Maybe this isnt the right thread, but is there any device that scrambles a camera worn on someones clothing, or a wire?

I work in security, and to be honest, I've been at complete loss those past few years. I barely know where to start or even how to structure my advices. The vault 7 leaks only brings confirmation to things we already heavily suspected.

I think the most fundamental need for all of us is unrestricted communication on the internet, which as of today means access to its fringe areas where a certain form free speech still exists: imageboards, IRC servers, newsgroups, yada yada. That is quite frankly the main reason I go on the internet, because I want to discuss, debate and learn, and interacting with people is the best, and if that was taken from me, I'd have next to no reason to go on the internet. And it's also the riskiest, because that's how you'll be expressing your deepest, most sincere problematic thoughts. As such, the second most fundamental need is access to sensitive materials on a variety of websites, and includes searching stuff, reading news, and downloading documents, from blogs, technical documentation, hosting platforms, news websites, and other independant websites, all relative to those same thoughts of yours.

That is what I focus the most on myself, because the crime of thought is now real. To be safe, my advice is simple: start over from scratch, live a double (or more) life, don't mix things up. I keep my usual computer, that's secured as much as I can, but from which I'll be buying stuff on Amazon and even do some minimal chan browsing, and that doesn't involve communication with people in fringe areas nor access to hard to find and/or sensitive resources. And then, when there are other things I want to do, I have airgapped devices on different networks.

So here's what I'd recommend, beyond even the technical considerations which are too many and complex to enumerate in a single post. And even then, if you can follow that, you could almost skip on the technical considerations and still be reliably safe:

You don't need a secure computer on a secure internet access to watch animu. List all your needs, but don't hope to do everything securely. The more things you'll do using the same secure device and entry door, the easier it becomes to identify you. Sort those needs based on what you can afford to do together, avoiding to mix up what can help identify you with what can get you in trouble, ie. don't call your mom and your drug dealer from same phone.

Get new untraceable hardware, don't hope to secure your existing ones. Just keep things entirely separate. Something mobile, disposable if needed, easily throwable very far for that purpose. Removable battery, systematically removed when not in use. Unless you're a wanted terrorist, cheap chink hardware on aliexpress will do, if you're worried get it used. Never put it in direct or indirect contact, wired or wireless, with anything you ever touched, used or connected to before. Disable GPS, GSM, and anything else that can leak more data than you need, physically sabotage it if possible. Tape the camera, it could still prove useful, otherwise sabotage it. Charge it using only verified cables with data pins sabotaged. Use free/pirated wifi (which you pirated with same device) to download what you need, flash/format everything with the most secure shit you can find, use proper tools. Don't store anything on it, set it to keep no history. Once on the internet, don't reuse accounts, pseudonyms, or anything else that can link it to previous internet activity, don't contact people you know, avoid pursuing similar interests. Just do what you need it for established before. If you feel the need for it, pay for a VPN or a dedicated server you set up as a proxy yourself and which can double as a mail server/file storage/imageboard server, all paid anonymously, prefer gift cards, second bitcoins paid in gift cards or temporary payment cards, finally temporary payment cards themselves if you must.

(cont)


Don't stand akwardly in the Starbucks to use their wifi, use high power wifi with quality antennas for greater range, or even use a battery powered router dropped in the area as a relay, don't connect as soon as you arrive, don't leave as you disconnect. Avoid letting people look at your screen, keep it as innocent as possible, avoid scary terminals with green font. If in doubt, throw it in nearest river, on highway, a roof, or in the back of a passing truck, bury it quickly behind a bush, slip it into someone else's bag… anything hard to reach, destructive or in movement can help. Don't be paranoid either, but be prepared if shit happens.

Don't trust this device. Consider it compromised by default, consider its access points, and all web browsing dangerous, to be handled with care. You should never trust its hardware, thus you have no reason to trust the software, you're only picking the horses, but the coach driver is NSA. Do your best to secure the software, but never trust it, only do your best to control what it'll be leaking.

Don't refer to any location you've been to or are currently, whether in a discussion or a Google Maps search, don't refer to your past, leave your current timezone vague and don't even hint at taking breakfast, avoid exposing advanced knowledge about stuff only a few would know. Always figure out the who what when where why of every piece of data you send out, making sure no one can precisely answer any of those.

Here's a list of the things illegal in my country: holocaust denial, hate speech, antisemitism, supporting conspiracy theories, spreading/consulting terrorism material, calling to boycott something. I can tick half the boxes by blaming white genocide on the kikes. I am at genuine risk of being in huge trouble for my opinions in a first world country whose values are all about freedom, that is France. Be well informed about laws of your residing place, don't underestimate the danger of shitposting. No one will waste resources to catch you shitposting from Chipotle's wifi if all you do is shitpost.

Don't take any electronics with you at all, and if you must, buy more disposable shit that you effectively dispose of within 24 hours.

That is the best advice I can give you. We're profoundly fucked and the slightest sensitive thing requires some of the most extreme paranoia. At this point, only a technological breakthrough could give us some breathing space.

On that topic, systemd slowly becomes the new norm, and the biggest norms are the biggest targets. Opting out of systemd makes sense alone to reduce your exposure.


Nice, thanks. I always consider modern MBs to be full of shit they don't need and a real mess you can't trust, but then it REALLY is bad.


That's a distinct possibility. Going lowfi certainly avoids many contemporary issues, but then the efficiency is out the door. Just connecting to a website in SSL would require 100% CPU activity of that old computer for a few minutes.

The other option is to manufacture some open source, old-style primitive FPGA, running some open source and heavily audited hardware design, compiled on an open source and heavily audited VHDL/Verilog compiler. Not that far fetched tbh.

If you're wondering, a FPGA is basically a programmable chip, that can emulate any piece of hardware, given it has enough gates to do it. Of course, it is terribly inefficient, and to emulate a CPU you need a significantly larger FPGA, but then the design of an FPGA is a simple repeated pattern, that is easy to check even with a microscope. If we could get our hands on a primitive affordable FPGA, all our problems would be solved.


Yes it does have vulnerabilities, but then their design is so simple that those are standing there in the sunlight. ALso, because


Aside from keeping radioactive material on your pocket, not really. You could use a wideband jammer, and pray it's jamming it fine, but you need to jam the right frequency and remain at a proper distance, and then hope it's not recording. And then that kind of jamming would be spotted by plenty others, whether bystanders whose phones don't work, or authorities tasked to fine people that do that because it's generally illegal regardless of the country. Unless you know exactly what kind/brand of surveillance device it is so you can specifically target it, you won't really be guaranteed to stop it with a general purpose device.

templeos.org/Wb/Doc/Demands.html
telescope eye piece vs just looking at an off-line image. God said the
C64/Apple II generation owned ancestral lands. VMware is like being taken off
of our land and moved onto a reservation. In this case, however, it will not
stand.

Since nobody has mentioned it, is Discord pozzed? All my normen friends use it for chat & gaming, and it seems like a good, grassroots kind of product, but you can never be sure. Should I be running it in a VM?

discord is pozze d and only alt-right queers/cianiggers use it

Forgot to finish this one:

Yes it does have vulnerabilities, but then their design is so simple that those are standing there in the sunlight, and they can be compensated for and prevented. Also the architecture is well-known and hides no surprise in some obscure, undocumented chip. Vulnerabilities are not a problem when you can control them, but modern systems are incredibly complex, largely undocumented (surely internally, but there's no public docs), and that makes them harder to control, on top of making finding those vulnerabilities even harder.

uses systemD

This is not a useful response. I don't care about the degenerate admin of your discord chat, I'm talking about the app itself

what don't you get about it?

HOW is it pozzed, you monkey.

reddit.com/r/discordapp/comments/57rurj/privacy_policy_seems_to_allow_selling_of_data/
https:// us.battle.net/forums/en/wow/topic/20742925443
http:// vinesauce.com/vinetalk/viewtopic.php?t=7400

All that and she still lost. Sad!

Thanks fam

chrome incognito

Best advice is to keep your digital footprint to a very minimal and lock those "backdoors" in your operating system. If you have selfies or any incriminating evidence online such as faceberg etc then ya done fucked up already.

Encryption? After TrueCrypt, Veracrypt is what's been recommended, but that's for Windows.
For Linux, it's in one of the installgentoo guides.

TrueCrypt is just completely compromised. People should be using Veracrypt.

So people with high levels of political knowledge are barred from running for any positions of power because they were idiots when they were teenagers?

This has a lot of ramifications and it's going to take a lot of potentially great people out of the race before they even try.

Who needs epstein's loliexpress when you have chans funneling smart young men to post bullshit about their lives, while they are still missed informed and think the internet is not serious business.
The internet was a mistake

What kind of hardware do I need to get in order to minimize snooping efforts? I know Intel has backdoors like crazy, but does AMD hardware offer any better security? What about a little Raspberry Pi board with a distro just for lightweight internet browsing? Any other hardware companies not fucked?

NOw the internet sucks and I cant revert back

Never mind I figured it out

Don't use Mint like said it uses systemd check out http:// without-systemd.org/wiki/index.php/Main_Page theres plenty of other distros that are still pretty easy to install that don't use systemd

hahaha …. haha … ahhh the fucking amish had it right. 'Tis a sad day for humanity, we have come so far in the way of convenience and knowledge, and the ability to spread such things. But the double edge sword strikes twice. And now we revert back to the pen, as it has always been mightier than the sword. We have been right about so much, I guess all of our greatest fears were always getting black-bagged and getting bamboo shoots up the finger nails. And as time progresses our fears are only getting confirmed. It might pay to plan ahead, buy some seeds and scope out a bug out destination.

furfags plz go

ok so, as a bit of newb when it comes to OPSEC, as a basic retainer of privacy I have deduced the followings;
TailsOS - at a minimum and not the be all and end all
FireFox - for clearnet usage, noscript ghostery ublock tinfoil CanvasBlocker and also delve into about:config to confirm all shit is off and no geolocation is on
TOR - for the questionable shit, be that black market, BTC or even just banking and even this imageboard
PGP - for all communication not meant for prying eyes

is this about as good as any place to start? I don't know how good Tails is, nor do I know hpw unsecure my ubuntu OS is, anons confirm?

did you not see the cloudbleed shit? discord uses cloudfare and cloudfare is pozzed.


ghostery is shit. uMatrix does it better, i use uBlock origin on opera and everything gets blocked.

Is opensuse secure and good?
I want security but also functionality and ease of use was leaning toward trsiquel but it's Ubuntu based. Do not want qubes due to functionality.

Can use tails or kali on a live disk for anything risky that might require max privacy

Anyone know if it works for pale moon?

How did you even find this place?

That's not the point. The point is that I like my echoes for the novelty factor, puts a smile on my face every time. And sometimes it does help if you're not particularly paying close attention.

if you really need to rely on an addon to detect kike names then consider the addon not working like taking the training wheels off. go ahead and see if you can ride with the keyboard cowboys

You can make the changes permanent on the settings > My Rules tab

Anything on the permanent rules is automatically allowed.

For easy configuration:
1. visit the site
2. set to green everything you want permanently allowed
3. visit My Rules
4. commit changes

You will do no good to anyone sitting in prison. The greatest form of OpSec is to appear to be absolutely useless to the enemy.

the greatest form of opsec is to appear a friend to the enemy, why the fuck do you think (((our greatest ally))) pushes that angle so hard?

It is better to appear useless. If you appear a friend, then they will treat you as one. They'll be interested in you and watch you. If you appear useless, they will leave you completely alone.

That makes you dangerous.

Nigger, firefox 57 is bretty much making it into google chrome 2.0. And im sure the updates afterwards will make it less and less privacy friendly. They went downhill a long time ago. Switch to pale meme or another non-pozzed browser. Extentions may not be plentiful but youll learn to give up modern conviences so that brony cia kikes cant spy on you.i

Youre such a blatant CIAnigger that its not even funny go kill yourself faggot.

...

No, use Iridium. Firefox is pozzed and even Waterfox is placebo tier. If you must use a Firefox fork, use IceCat.


No. VPN.

A) If you are using Tails to begin with, you are default using TOR.

B) TOR is compromised and you should be using a VPN with one anyways. Services that don't keep logs are mandatory. You should be changing your DNS on your router too(definitely not to Google's DNS).

Assuming you AREN'T using Tails/TOR, you should be using I2P and IPFS.


Yes. Make sure you're using a the appropriate programs for X communication or that communication has built in PGP like Protonmail(also switch your email provider to non-mainshit).


Basically.

SIMPLE SEC is BEST SEC
Holla Forumsie user here
will dump OC how-to's as available
maybe beginning thursday 2017-03-09
need fellow anons help to convert guides to memes

Thanks user, just one quick question, doesnt tails have a built in vpn? If so wouldnt it be reduntant to use a vpn with tails? Or am i confusing a built in vpn with built in access to TOR?

If you feel like answering this, also; are clearnet websites even to be trusted with decrypting encrypted messages via PGP? Or should I go through the process of setting up a linux based PGP setup?
Or could you recommend a good decryption service? I used to use igolder but thats not available anymore

Thanks, Holla Forumsie user. I can follow directions but am not a tech person. Your OC will be much appreciated.

can i get a rundown on why javascript is dangerous? what kind of power does it have?

whonix is the way to go really. persistence on tails can be a pain in the ass to setup, though it could be argued that compromised modules could hook into the virtual network driver and expose that information on a network with poor outbound filtering.

...

javascript can be used to do a number of things from tracking via browser fingerprint, creating hidden frames that track and lock mouse movements and clicks, or even read cookies. Many javascript components are blindly trusted from 3rd party sites and simply called by the site you are visiting.

Check out uMatrix and visit any of the site you frequent. You will see much of the content blocked or mis-formatted because it denies the 3rd party loading of javascript.

Reminder to all 4cuck refugees to stop making themselves so obvious and to fuck off back to the shithole they crawled out of if they're incapable of lurking.

...

>>>/reddit/

Summary of long question I asked on Holla Forums yesterday.


If anyone knowledgeable can give me some quick advice that would be nice. But reading this thread and others I have already been taking some notes and am in the process of some major habit changes. Thanks to all of y'all.

With regards to the smartphone vs dumbphone, i dont think at the end of the day theres a difference in how easily it would be to eavesdrop on a call or intercept messages as we already know that PRISM involved pretty much any phone company. Of course where they really differ is how you can expose yourself a lot more with a smartphone as your using a lot more applications and essentially using a tiny mobile computer. i would say tracking is somewhat different between the two devices. A smartphone can pinpoint your exact location while a dumbphone would require triangulation and would be obviously less accurate. At the end of the day using a phone is going to expose you either way but simply put a smartphone is going to expose you a shitload more tham a dumbphone.

It is preferred that you do this
No, you can still be triangulated by watching towers your phone reaches out to and when
Depends on if you communications are considered sensitive to you
There are a number of roms out there but since they are all based on google code there is no sure way to know that its safe, also you dont know if the rom creators/maintainers have malicious intent
It's hard to say. Old hardware may have flaws that are unknown or embedded rom code that is exploitable.
Gentoo

DAILY REMINDER THAT ALL COMPUTER HARDWARE HAS BEEN COMPROMISED SINCE THE BEGINNING OF TIME

ibtimes.com/nsa-has-planted-surveillance-software-deep-within-hard-drives-2001-kaspersky-1818398

DAILY REMINDER THAT ALL COMPUTER HARDWARE HAS BEEN COMPROMISED SINCE THE BEGINNING OF TIME

honestly we should give that bastard the old zyklon ben treatment. theres lots of great exploitable scenes, the "art" style is so easy to replicate is pathetic… thoughts?

For anons in the thread, TrueCrypt has been succeeded by VeraCrypt.

Thread is super helpful, too. Thanks, anons.

t. user who is building a new machine and planning out his security setup

Might be memeworthy, start by making some. Bonus if you can make subtle enough edits that it could pass as genuine when distributed amongst normalfags

it should also be noted that truecrypt was listed in the CIA leak as having a tool that may be able to decrypt the data, or search in memory for the key used to unlock a container.

Son I am fucked

Good advice.

Would follow it if I thought it was worth the time. :(

I'm a complete luddite, and tbqh I don't care if they know I'm crazy. The time I will need to dedicate to protect myself far outweighs the vids of the CIA filming me jacking it.

Godspeed.

...

Let's say I'm running a business
My competitor has friends in the CIA

CIA steals my data leaks to competitor

This information is extremely out of date
Surprised i2p was mentioned.

The entire screen of the display can be turned into a digital camera.

This capability is built into the technology.

They could look at you, THROUGH your television *since they invented it, ==before 1927==.*


WAKE UP

The military built all the computers, and before they even told you that such technology existed, they had more advanced technology that a) was not shared, and b) pwned.

RESISTANCE IS FUTILE
Try bud… dry.

Many smartphones have a secret co-processor that gives the feds full access to your phone when you connect to fake cell towers. There are a few smartphones that don't have this shit, but I would guess it's a lot less common in old dumb phones.

It's called the cellular modem and it's in every phone. Also did you know there's a Java VM running in every SIM card? All total black boxes, even to the phone makers.

Source: Used to work for Nokia.

All Intel CPUs from 2006 and beyond have the Intel Management Engine baked into them. A hardware level backdoor that can even turn your computer on remotely. It's a CPU within the CPU whose operations are completely hidden from the user.

AMD CPUs from 2012 and beyond have the Platform Security Processor in them which essentially does the same thing.

The latest x86 CPU you can get that isn't pozzed is the AMD Vishera FX on the AM3+ platform.

t. Holla Forums

Best advice right now, but I guess it needs a tl;dr: get new computer/phone/tablet, disable/sabotage everything superfluous (Bluetooth, GPS, etc.), only use on free WiFi, never connect it to anything else, remove battery when off.

All you need is to be able to afford one.


As he well stated it, be very careful, you have no idea how much they could fuck with you. Read tl;dr above, that's the essential, and it's that easy, the rest is extra safety on top if you want to go further, and you can go even further than what he stated.

So from what I gather here:

Use VPN and seperate PC running Whonix on Virtualbox

Use VPN and Tor

Using a firefox (or fork) with a shitton of privacy plugins, will not really help you but it's ok for the average joes

Amish Internet Defense Force got it right from the beginning, the only way to win the game is to not play it.

Careful not to get banned because "muh not politics".
See
>>>/poltech/
for some useful info.

BASIC SECURITY TIPS UPDATED

(1) Don't use social media [Avoid Facebook/Myspace/Twitter/Snapchat/etc.] (no brainer)
(2) Forward secrecy (keep your mouth shut about any personal info if you don't want to expose yourself)
(3) Use a cheap private VPN (w/ no IP logging) and Tor browser!
(4) Always disconnect your internet (physically) when you are not going to use it! Make sure bluetooth and WiFi is physically disabled. Don't keep it online all the time! If you do, you are asking to be hacked!
(5) Use an old "flipper" phone. AKA a jitterbug. Cover up any camera if has one. Jitterbugs are basic cellphones for people with disability problems / senior citizens! Just a bare basic cell phone where you can take out the battery. Has no internet platform.
(6) Flock to flea markets, garage sales, thrift shops to buy older electronics! Do not by 'smart' or 'green' appliances! Learn how to maintain and fix older products/utilities too! All IoT (Internet of Things) tech can be used to spy on you, avoid IoT!
(7) Never put your real name or personal info into your computer, always use FAKE names / aliases. Tell your friends to just hang out with you face-to-face instead of using social media.
(8) Face to face relationships are the best kind. Don't be afraid to hang with your friends now and then. I do – in fact – that's all I'll do. (no social media BS)
(9) Always bleach you browser cache / cookies / web logs! 35x gutmann style! (Bleachbit, Ccleaner, etc.)
(10) No OS is safe. Just exclude as much personal information you can from your Operating System. Make sure its disconnected offline when not being used! Make sure bluetooth and WiFi is also physically disabled when not in use.
(11) Browser Security: Use Noscript add-on. Noscript is a must: make sure to block all global scripts, wipe the whitelist in Noscript and re-configure the whitelist that best fits your browser habits. IPFlood is also a useful add-on to obfuscate IP GET requests. You should use Random Agent Spoofer (or Blender) to spoof your browser & OS metadata while you surf the web, making it a lot harder to track your activity. Tin Foil is another great security addon.
(12) Its best to have two computers, rather than just one. For example, have one just for banking / legit LEGAL purposes. Have another one (completely separated) just for private or illegal activity. Make sure you don't put any personal info in the private computer.
(13) Use encryption and strong passwords! Write them down on a piece of paper or memorize them. DO NOT store passwords on a computer file. That is a big no-no! Try easy to remember long sentances for passwords, and combine all the words together. The more characters used, the harder it is for hackers to break the passwords.
(14) Have separate email accounts for each kind of activity (legal or not, don't matter).
(15) Make sure you physically disconnect your web cam or cover it up with black electrical tape. Most laptops these days come with web cams attached above or below the monitor. Make sure the camera cannot be used to identify you or spy on you in any way. (Yes, webcams can be hacked / remotely hijacked to spy on you!)
(16) Avoid new "Smart TVs" (they spy on you too)! If you have a newer TV, make sure you cover up or unplug the camera and microphone. Or keep it offline and disconnected from the cable box when not in use. You could cancle cable and rip DVDs of your favorite movies and shows instead, using it for offline purposes only.
(17) Avoid all new digitized vehicles. They can easily be hacked, used to spy on you and even be remotely hijacked by criminal entities/governments!

What if we just put every device behind a proper firewall? Wouldn't that stop all this iot faggotry?

No way. Unfortunately its simply not that easy user. And if there were such a firewall, the feds would utilize ALL their resources to break it – one way or another.

Thanks based Holla Forums bro

You fucking normfag retards thinking vpns will work, they own the fucking internet. They see in and out and can time it. Your vpn just says 'look at me' to groups like them with capability. If you are torrenting, yeah sure it'll work but the shadow govt and co, lol - ya fucking dreaming.
You're talking the deep state, they have backdoors at varying levels in nearly everything mass produced. Hardware layer, the favourite method, doesn't give a fuck what you do on upper levels. Hell every damn encrypted product was required by law for a very long time and in some cases today, to have a backdoor.

CPUs with backdoors are the tip of the iceberg when you have things like intel TPM and similar prior, let alone the actual NIC or millions of other chips embedded inside the various devices, with proprietary firmwares and code running that you don't know fuck about.
I was trained about TPM privately, management and remote access, along with 'theft recovery' is just one of the uses.

Nothing you do is secure. If you create information - it can be accessed. If not at hardware exploit level, at a software level even, even potentially at a quantum level if you are really fucking people off.


These leaked images are just the expensive, rare bullshit to distract you from the above.

Just checking.

Also anything GSM has baseband modem exploit. Battery out or somewhere far away or nothing.

This post is being made from some dumbfuck mom & pop coffee shop wifi on a laptop that I have physically broken the mic and camera on. I've removed the HDD and using a live linux USB which I will burn after this post. Even this is too risky.

Holla Forums. Its time to stop using all forms of communication period. Its not worth it.

So… they are not your friends?

Screaming WAKEUP SHEEPLE is not going to get you anywhere without sources, go away faggot.

I just wish someone would give a rundown of good, free VPNs for people who are smart enough to know the importance but uninitiated enough not to set it up on their own.

What are some free VPNs I can use to post shit that I don't want ever possibly coming back to me in a court of law? Asking for a friend.

thatoneprivacysite DOT net/vpn-comparison-chart/

Thank you

You fags really are clueless about how deep the rabbit hole goes. No matter how smart you think you are, no matter how l33t you think your OPSEC skills are ultimately you are going to get fucked one way or another.

They are everywhere. Your data are belong to them there's no way to prevent it. Unless you want to go full russian style and use typewriters.

Your VPN won't protect you, if the vpn sever keeps log they can just go grab it there by hacking your VPN service provider or asking the ISP of the VPN server all the traffic they send. Remember… they own the internet all the traffic passes trough them all the isp cooperate with the man.

Your own OS will betray you, windows is a spyware with an OS attached to it. Linux isn't safe from 0 day exploits. Android is basically fucked at this point and don't even get me going on apple.

Your encryption password will be taken from you by force trough torture if required. Or they will harvest the data before it's even encrypted.

Your hardware have piece of code running with backdoors embedded in it. Nowhere is safe we're all fucked.

Assume they all are. I don't buy into the vpn meme at all. Another user, suggested using one outside of the '14 eyes', that may help. Honestly, the way vpns are bandied about. Am I out to lunch? Zero faith in using a vpn.

More info for any interested. archive.is/3RHSk

After more of these leaks it seems that they can no longer be relied on to protect your anonymity against state actors(we knew this already from the Snowden leaks; maybe not to what extent though but with these new leaks we do) and those in the criminal world who have a similar depth of resources.

No, no we're not. Not even close.

Stop projecting

Going outside of the FVEY and 14 eyes jurisdictions won't accomplish anything when the NSA taps fiber lines and those that run underwater in the Atlantic.

Youre a retarded nigger who probably has terrible opsec if youre using s fucking free vpn. I bet you ever use kikebook

Daily reminder that RedHat is a CIA front company, and anything that RedHat has produced is probably riddled with trojans and backdoors.

This includes RedHat, Fedora, RPM, yum, and the systemd init beast that has managed to worm its way into every major distro.

...

The camera in a mac is hardwired to the LED in such a way that it cannot be turned on without turning on the LED. I've taken enough of them apart to know.

I still have tape on mine though. Primarily because it's too easy to turn on video chat when you only wanted voice in most VOIP applications like Skype.

I'm posting from oBSD right now. Installed it last night, first time not using WIN/OSX no idea what's going on pleaes help

VPN and Tor through public wifi.
The only reason they got the Silk Road guy is they already knew who he was, his opsec was shit, and he left his laptop powered on so they got the info off RAM.
Every extra step you take is one more thing that makes life difficult for them.
If you are attracting real attention, use TailsOS on a burner laptop. Never leave your shit unattended, and especially never leave it unattended while powered on.
All the memes that the government is "all powerful, all knowing, all seeing, just lay down and die goyim" are a psyop to make you feel powerless.
If you ever think you might be outmatched, remember that the CIA hires bronies.

...

can someone tell me how set X11 to run cwm instead of the default fvwm please. i stuck in the xinitrc file where fvwm used to be and then rebooted but its still not there. please Ive been trying for like 3 hours

also how do I goto the normal explorer/finder thing to look through files. I didnt even realize I had one until it popped up when I tried to post an image

nvm I figured it out. dank

And check out retroshare for p2p file transfer/chat/lobbies/pgp encrypted open source chatting. Everything you need for low level bullshit.>>9458789

that shit might work a few times to leak stuff yes.
but for actual long term using a pc on the net securely, it is literally impossible unless you want to have no storage, they will force you to release encryption passwords otherwise.

If they don't get you through surveillance of net, they'll get you on one of the fucking cameras everywhere when you slip up.

TLDR: the only protection is to learn commercial/contract/law proceedures along with Uniform Commercial Code and be sovereign as fuck.
You can't protect yourself electronically long term, only legally. Don't consent to being governed like the rest of the cucks.

fwiw my neighbour withdrew consent to be governed. Notified the 'authorities'. Convened an unincorporated society with another fellow. They held a parliament and passed some regulations allowing themselves to sell psychdelics. He's been out of jail for a while now. True tale.

well said

anyone have a dl for keyscrambler premium?

To all the people told that BSD and Linux are safer alternatives to Windows and OSX STOP LISTENING. True UNIX devs know that this is a R U S E!!!!

BSD and Linux are not the ultimate answer. What you really need is an ultra-secure 9front Auth server.

9front is a popular fork of the Plan 9 system. Plan 9 is UNIX after UNIX. After the BSD vs System V UNIX Wars of the 1980's it came apparent that UNIX was a shadow of its former self. So what happened? Rob Pike took the UNIX Philophy and simply scrapped UNIX and started again.

Plan 9 acts like UNIX but is not. It is superior. Plan 9 has its own userspace (userspace is a term in the UNIX world meant to refer to the core utilities, e.g. GNU Userspace, System V userspace, BSD userspace, et. all).

Think of this: graphics and networking did not come to UNIX until much later in its development and was never implemented in a satisfactory manner (see: X11, the BSD Network Stack). Plan 9 devs saw these changes and implemented them at their very core.

This is not to say that Plan 9 is a security OS. It's far from. However, when you truly immerse yourself in Plan 9, you will no longer need a security OS as you have become a tech god who knows how to keep the computer clean himself. The CIA niggers will be comissioning YOU to make their malware.

Plus, you Liberterian fags aughta love the lead dev. The (late) Great Uriel was a part of Ron Paul's RevoLution all the way back in 2008!

https ://wiki.installgentoo.com/index.php/Plan_9

http: //harmful.cat-v.org/

anyone have advice for a secure meme folder? encryption but still relatively easy for me to access when i want?

Veracrypt

Good thing cause RH is shit anyway. Just go Debian masterrace. Whonix and Tails are based on it for a reason.

TempleOS doesn't have networking capabilities. How are you posting?

With regards to anti-forensics on Windows, I found that disabling logging services actually breaks some applications. I know this because it broke my VPN provider's client.

Can't, post went down the memory hole.

This is part of the multigenerational conspiracy. If you trace the histories of pretty much every news outlet for 200 years here in the US…

They are bought and sold only to insiders. Right before one dies, they move it to another insider. Then hold possession for 50 years so people forget. Repeat.

The repeaters will be running something compromisable and will be immediately compromised.

WRONG
But you're really close

Firewalls didn't even work in the 90's…

How good is stuff like what these people post? paranoidsbible.tumblr.com/library I found their peerblock guide useful and the guide on removing shit from search engines but is anything else of theirs useful or should I avoid it? They also have their stuff on pastebin pastebin.com/u/paranoidsbible since PDFs are bad now I guess.

whats the best linux distro for everyday use? if i want to get rid of windows and install linux, which do I use that wont get me backtraced?

Icecat:
gnu.org/software/gnuzilla/

Compiling's a bitch, but you can use a repository from Trisquel. Instlling from a ppa is easy but you should still verify.

fuck off

doesn't stop pozzed hardware. you have no idea what the fuck a firewall is do you?

Use TempleOS to deter satan-worshipping CIA niggers.

I hate cats, need a new one

Sometimes shit just doesn't work right. I can't watch HWNDU stream in it, and after a while it just bogs down and gets slower and slower.

Debian. If you like gaming go for something more normie like Ubuntu. Once you get the grip of linux install Virtualbox with Whonix and browse with Tor for better OpSec.

What's a good score for Panopticlick? I'm getting 1 in 84.42 with VB+Whonix and no vpn bcz I'm a poorfag. I also maximize Tor @ 1080 screen like a faggot, how fucked am I?

cryptostorm

depends on what you're going for
the serious shit you only run off of a live session but for day to day you want something usable

I made a guide for Linux MInt >>>/poltech/66
It is ONLY for getting into linux for your first time, and maybe learning a thing or two if you are already into linux

after you learn enough you should probably switch to something safer and more secure
if you only care about vidia though, it's a fork off ubuntu which is a fork of debian and mint and ubuntu are suitable

they're all shit anyway its more how you use them, firefox will be abandoning add-ons for WebExtensions as of version 57 which is expected this year
all firefox forks will suffer because of this

Tox is a good start
Peer to Peer communication, if your box is fucked already though then it wont help

...

.

Trips for truth my friend.

1. How good is NordVPN?

2. SRWare Iron browser any good? Based on Chrome

The NSA can see your vision as well through your unique biomagnetic field. Thought monitoring is complete reality. If you want to prevent screengrabbing however get a ZXX font like the ones here: softpedia.com/get/Others/Font-Utils/ZXX.shtml

The NSA can see your vision as well through your unique biomagnetic field. Thought monitoring is complete reality. If you want to prevent screengrabbing however get a ZXX font like the ones here: softpedia.com/get/Others/Font-Utils/ZXX.shtml

I use NordVPN. It's okay, the only problem is other anons here use it too, and if they run afoul of ikamphy, he range bans their IP, which cuts out the given country. For example the 300 or so US addresses are banned until April IIRC.

>>>Holla Forums589254
8ch.net/tech/ddg.html

What about Doxxing yourself and your imitate family? And deleting or plating false information as well as Doxxing everyone with your name?

Another two:

(18) Never allow another person to use your computer. Make sure you routinely backup important files to a flashdrive or DVD and store that data offline. Also make sure you have a backup copy of the OS you use as well. If you ever have problems with your OS someday, just wipe your partitioned OS, and then re-partition the OS again yourself from scratch. Do not allow others to 'fix' your computer, they could easily steal information from your OS you might not want them knowing about. Geek Squad works with the FBI and other agencies to steal data from their customers, do not trust them to fix or repair your computer.

(19) Any photos you take with modern cameras contain EXIF metadata that contain GPS coordinates among other data used to identify the owner of the photo. If you store your modern photos online, people will be able to identify you. Don't do it! I repeat: do not post modern photos online unless you want to be identified!

JIDF detected. Qubes R3.2 is decent and comes with Whonix support out-of-the-box.
If by "functionality" you mean GUI crap, stop being such a goy and start taking machinery seriously. Learn how to make your own loonux scripts. The Jews make things "easy to use" deliberately, to make their goyim stupid, powerless, and thus totally dependent upon them (this is what happened with GOYNOME 3, and is happening with Mgayzilla Cuckfox). "Tradeoff in functionality" is an admission of "I'm a good goy". "Tradeoff in functionality" is the same retarded mentality that gave power to the Jewish bankers, because their "service" (fleecing) made our lives "easier" (fake paper money easier to move around than gold, read about the history of banking). It's the Jews' fault we want everything laid out for us! Stupid people pogromed the Jews for taking advantage of their full retard; more cerebral-critical peoples (e.g. East Asians) never allowed Jews to amass power in the first place (the Jews fear the Samurai).
Whoever has difficulty setting up and using R3.2 (i.e. is a woman) shouldn't be allowed near electronics, period. Remember Snowden uses Qubes. Barring physical isolation (Qubes is to physical isolation what Tails is to Qubes), there is no better "easy" "simple" system at this point.
Given two gas buttons, one saying JEWS and the other FACEBOOK USERS, it sure is interesting to ponder which would solve our problems faster (or indeed solve them at all). Treating the disease is not curing it; the merchant class can always speciate into full-fledged Jews all over again. Prevention is the best cure. Prevention means constant vigilance and frequent gassings, not merchant you are my greatest ally thanks for making my life easier here take my shekels feeble-mindedness.
fucking normies
gas the normies neurodiversity war now
en.wikipedia.org/wiki/Neurodiversity
The concept of neurodiversity is controversial. Those supporting the bigot model of disability identify the mental differences associated with these conditions as disorders, deficits, and dysfunctions, intrinsic differences in functioning which cause impairments in many areas of life. From this point of view, the mental states that are encompassed by neurodiversity are medical conditions that can and should be treated. Author David Holla Forumslak sees neurodiversity as an inclusive term that refers to the EQUALITY of ALL possible mental states, you nazi. Still others reject the word because they think it sounds too medical.
that's what they thought about homosexuality too.. normies beware your reign of willful ignorance is nigh, the beta uprising is upon us

I'm pretty technologically illiterate. I admit this upfront but I was hoping someone on Holla Forums might be able to help me with this.

What sort of information can be discerned from an IP address? I know it gives a general location of the service provider (like a city), but can anyone ever determine the exact identity of a person just from the IP?

To be more specific, I ask this because my university has a message board with a political section that I post on a lot but it would be very bad if I could somehow be unmasked. I do not use a VPN but my home IP which is off-campus.

Appreciate the help.

(checked)
>>>/polk/

actively being attacked is not the same as compromised. I see faggots on this board constantly claiming Tor is compromised while citing absolutely nothing and giving zero details on how it's compromised. As far as we know there are attacks against Tor which are known of and also observable, however the actual architecture and structure of the network and code is not compromised as of currently.

I also shouldn't have to bring up the concept of privacy by policy vs privacy by design. VPNs are not a guarantee and there's no way to know if your provider is logging or not or have been ordered to log or not. Thats the difference between Tor/i2p and VPNs. One is designed for privacy the other is a network who's owner is telling you it has privacy. Keep that in mind, VPN fags.

that's why you have 9 VPNs and between #4 and #5 you hire some kid in Thailand to type everything you tell him

I must have been busy this past week to not have noticed a promising alternative.
Hopefully this one succeeds.

ABE is out of date and no longer being supported, just a heads up, but I don't get what's with the uBlock hate in that add-on pic. I've had some good luck with BluHell Firewall and Disconnect. Clean Links is nice, as well as Pure URL to get rid of source click shit from urls. Get TabRenamizer if you're one to take screencaps of your browser. QuickJava's been handy if you ever actually need to enable anything. FlagFox and Terms of Service; Didn't Read can be nice for on-the-fly basic info if you're not on something like Tor. Smart Referrer's fun to fuck around with. DEFINITELY get Configuration Mania if you actually know what you're doing and are partial to fucking with your browser config. I also recommend YARIP and similar for removing elements from pages.

I originally suggested Qubes in this thread, you spastic. The fact that it's a mediocre desktop experience at best is a valid point and most normies don't need such a scorched earth option for day to day use. No one cares about your nazi meme folder, asshole. The physical isolation concept can replicated with Whonix or with pfsense using VMs and I use it extensively with Linux as the host.
Before you start reeeeing again you should know that my actual freedom relies on good opsec due to the nature of my business and I've given it quite a lot of research and thought. If I was being targeted by state actors Iike Snowden I'd consider the little bit of extra security Qubes provides. You have to use a little rationality and employ a little humility to judge how much of a shit alphabet agencies actually give about you. By all means continue using Qubes.

I would gladly pay for this just to baffle the shit out of CIAniggers

That image is old af and the original suggested level3 proxies, which is no different than drugging a CIAnigger and forcing his cock in your ass.

yea looks totally promising, you should stay there and never comeback

I know it's old as fuck. A lot of the add-ons are still decent though, and anyone who doesn't know it's old will look into getting ABE only to see it's not around anymore.

half of them are, hidemyass got lulzsec v&, froot was set up by fags that got arrested.

also this

best bet is to crack a wireless network, get a VPN that isn't shit with speed, and tunnel tor through it.

also (((NoScript))) as good as it is, has a fucking whitelist that allows you to get pinged by pozzed servers. wipe the whitelist and only re-add Mozilla domain stuff to keep the browser from breaking

there's a reason way it crept into most browsers as a default option :^)

If you ever logged into any other university service(with an acount and password that is), they could crossreference that ip to find you as the probable user. On the other hand, maybe you have a dynamic ip, then you have very little to worry about.
If you never used your name or something identifiable on the uni network, then the ip won't do them any good. They would have to ask the ISP who will be to lazy to help unless they have a court warrant, which they wont have if all you do is shitpost.

Maybe I will!

The other benefits of a dumbphone is lack of other tracking features, always on microphones (ciri) and lack of need of a camera. As I understand it touchscreens require a forward facing camera or it's designed not to work correctly.

Not really worth buying a new dumb phone, as more and more often they're integrating pieces of android in them, making them at least semi intelligent and therefore more compromised. An old razr might be a good choice, old enough not to have the worst of the new (((features))) but new enough to have a browser if you need it and plenty of spare parts.

The bigger problem is american phone companies are phasing out GSM/2G coverage, and 3G likely isn't much longer for this world. You'll pretty much have to import from east asia if you want a dumbphone capable of LTE though.

what. Tell me more.

to the household

but if you're using a browser all kinds of other information is available like what browser you are using and what add-ons you have and shit, some of that can be disabled tho

1234 tell me more. I want to be ungoverned.

This + it doesn't matter if it's intel or AMD they are 3g backdoored on die anyways. The only way it get a MIPS android board and hope it isn't hardware backdoored

t. Mike Pompeo

Why does no one know about Request Policy?

ilu

TOR is principally sound.
It is using Onion-routing, avoiding the problem of trusting intermediaries under control of others. This principle was first used as an replacement for anonymous-remailer. Anonymous-remailer were like VPN for e-mail. Scientology forced one anonymous-remailer to cooperate in their search for a whistle-blower leading to onion-routing remailer.

With a simple VPN you can have:
1. VPN not disclosing your ID because they are not willing and out of reach of your adversary
2. VPN disclosing your ID because they are forced to do
3. VPN disclosing your ID because that is their raison-d'etre (honey pot)

Onion-routing over at least 3 stages prevents that any stage knows source and origin at the same time, in theory.
Practically if your adversary is able observe the movement of packets he might interfere source and origin. With mail that problem was solved with introducing of latency and sending the mail in batches. Another way to disguise the source is by being a remailer/router themself.
In TOR observation of packets gets more difficult as more traffic is routed through it. Ideally the routers are placed in non-cooperating countries, say USA, Russia and China, in practice that isn't so most of the times, there are no TOR server in China. Worst situation would be all the routers just on one machine, faking the routing.

I have a question anons, I use a private VPN service that issues random dynamic IPs from two different IP ranges. Everytime I get back online (after being disconnected temporarily) my IP changes.

On average I have about 4 or 5 different IPs per day. I always disconnect the internet when I get off the computer, and reconnect when I get back on.

How difficult would it be for a pro to track me down?

startpage better?

They hate us cuz they ain't us.

can anyone answer this, I'd like to know?

I hear something to the effect that FBI owns the people who make it now, as if the software itself is compromised

Install DVL

somewhere theres a mennonite that will chuckle at the reference.
PRAISE KEK

Any guides on installing Gentoo or good technical introductions to Linux? The official Gentoo handbook got me a command line install but I'm failing to get the kernel set up and connect to the net so I can install X and a desktop environment.

I have a ThinkPad T500 and I'm trying to turn into a proper OpSec shitposting machine for the sake of learning and being able to use non-pozzed linux distros.

You forgot:

There are rumours about the tor nodes being compromised. But if you're going through 3 nodes that still would give you a degree of privacy.

The Israeli company that "invented" the firewall also look after smart vehicle security so you can be very confident that everything is secure.

...

Do you even understand what a TPM module is? Its used for key storage and can perform some basic cryptographic routines. It has nothing to do with providing management or remote access.

please user, you couldn't audit the code even if it was provided to you. but i'm sure this wont stop you from spurging out further

This. Use OpenRC instead

It's good practice to do that.
Remember, there are lot of users that have been busted for using, for example, one email for multiple things.

There is a reason that drug dealers prefer the old 3310s and other dumbphones. Even if other anons say otherwise,
Apple gave us fappening and Google reports pedos from Google Street images.
But of course, drug dealers use dumbphones as burner phones too, so…

Yes, if you do not secure it. On default settings, Google already tracks you. It's adviced to use other FOSS roms for Android OR set up that smartphone. Also, remember that terrorist? Bin Laden, I think, where army used phone/smartphone to track him and missile him?

Custom ROM, preferably FOSS, you may also root phone and uninstall/configure other shit to stop tracking you

Yes. There have been news that Intel is shitting up the new batch of Intel chips to enable remote control.

Tails?
I honestly don't have time to keep reformatting the computers and configure them, so I just Mint, and configure enough to be satisfied. >inb4 faggot

Is Icecat still any good? I used it on windows before.
You can get Tor to work through it can't you?

Any web browser will work with Tor as it is a SOCKS proxy, you dont want to do that though. Various browser exploits targeting Tor have your computer computer bypass the socks proxy and ping a node on the internet. What you need to do is isolate your web browser in a VM on its own network so it cant even reach the internet directly. There is some package which does this but fuck if I remember what its called. I just setup my own VM on a isolated PVLAN which does it.

arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/

Some contributions, haven't read the whole thread.
Use Umatrix and make sure that user agent spoofing is enabled. A user agent is what identifies your browser and OS. Make sure you update it to the most common user agent. The github for umatrix tells you it's your responsibility to update the user agent. Here's where you can get info on the most popular user agents.
techblog.willshouse.com/2012/01/03/most-common-user-agents/

If you're using a VPN, make sure it's out of the 15 eyes countries, they basically are 15 countries that share info with eachother. Use this site to make sure DNS is not leaking. techblog.willshouse.com/2012/01/03/most-common-user-agents/

Obviously use linux, preferably a systemd free one. Mint is the easiest distro to use and version 17.3 and below are free of systemd.

Buy a router that comes with a free as in freedom firmware, anything else is trash.

Check out the wiki.installgentoo.com/
privacy section, they have good shit.

Truthfully, the only way to hide yourself is to use tails os and a public wifi. You can use the above steps on your home PC to minimize tracking but everything is compromised. Your CPU, motherboard OS everything's compromised. That nothing to hide mentality is bullshit even if you truly have nothing to hide, CIA niggers have no right to spy on you.

dnsleaktest.com/
Do extended test.

ssshhh. don't encourage good opsec. then that makes it so my mid-tier opsec isn't good enough to keep from being the low-hanging fruit.

depends on if anyone has ever used both your IP and GPS at the same time. pokemon go on your wireless? someone has your IP and GPS coordinates in a database.

if there was a list it'd probably be compromised too. probably easier to do that anyway.

Don't worry about it. It'll fall off the internet eventually or if anyone brings it up you can just blame it on being a kid and nobody will give a damn.

bait so bad I figure it is "not even good bait" bait.

Hold up. So it is now revealed that the spooks have been listening to everyone regardless of the measures we take and no one is getting hauled off to gitmo for being edge lords on Tibetan basket weaving image boards. Wouldn't this imply that it doesn't fucking matter?

maybe keep this running too:
*https*://github.com/hephaest0s/usbkill

It helps the rest of the tor network with cover traffic at the very least.

yes. and many of us have known this for at least ten or more years. hence why we laugh when people talk about 'opsec', while regularly using the same damn device with the same damn backdoors from the same locations every day.

Hardly anyone mentions Umatrix either

Umatrix can spoof HTTP referrer
translation: no need to break links

Jewish browser

...

whats makes billy boy have such a healthy glow?

BUT THAT'S WRONG YOU FUCKING RETARD
Retards and shills will still click the links too–and won't have Umatrix installed

Why not use a disk image?

Pretty much it. Those who fail to claim their rights have none.
Statutory law is only applied on members of a society. Make your own society/leave through acquiescence and it is no longer effective. Enforcing contract law is also great to learn.


TPM is also a management system. I don't have access to the whitepapers any more but this was very clearly taught to us. There is the 'base' level you normies see and a whole remote management layer built in. This was on the core and core2 architectures so a while ago. Core was considered one of the last 'lesser compromised' cpus at the time so this makes sense to install a separate system to be sure…

no there isnt you tard

The TPM isnt part of the processor you retard, its a separate chip. Stop larping that you have any idea about TPM modules or really any idea about anything else in computing.

Would any of you faggots want a howto on setting up an overly paranoid Gentoo build?


What're you getting stuck on? Drivers?
Usually when creating a kernel for a new system, I'll lspci -n then run that shit through kmuto.jp/debian/hcl/

nigger where the fuck were you in 2013? fucking newfags i fucking swear

What about using the arch-nemesis of the CIA, Russia?
Russian AstraLinux http:// www. astra-linux. com/
and Russian Hardware?
http ://www.mcst.ru/ mikroprocessor-elbrus4s

I want to get a good understanding of how both networking and computers actually function on both a hardware and low-level software level.
What kind of shit should I read or watch?

TPM is different than intel's management engine which is on the chip. That guy is confused but he isn't entirely wrong.

He is entirely wrong. For fucks sakes this retard is spurging out claiming he was taught this in some sort of professional setting as to give an air of legitamacy to his claims, when in reality he is just repeating memes from 4/g/

The spurging out about ME is equally retarded. Oh noes it has DMA access, oh noes it can remote control your computer. So can your primary operating system, just configure it as you would with Windows/Linux and stop spurging out. And if you're too lazy to configure it there are plenty of other things you can do such not use the onboard ethernet interface. Or set the native VLAN for your network port to something else and just dont perform inter-VLAN routing on it, and then manually set a VLAN in your NIC's driver for one which is routable.

All this is, is a bunch of retards who dont understand how computers work, spurging out because they dont know how to use them while thinking it is some massive conspiracy against them. ME is a usefull tool and these people clearly dont understand why things like BMCs such as IPMI/iLO/iDRAC exist, or why you would want one on client computers.

Use wire for stuff that could get you in trouble, but discord is fine if you keep it low tier

It is open source, everyone can read the source code, most would not understand it, most would not compile it themselves. Even if you compile your software yourselves, the Gentoo approach, there still could be subversion, as demonstrated by Ken Thompson in “Reflections on Trusting Trust” in 1984!

So it could be theoretically subverted, like any software could theoretically be subverted.

In practice VPN user already experienced such a subversion with the “Heartbleed” bug in the Open SSL library used by the popular OpenVPN package (TOR used it as well).
Interesting observation, the OpenVPN version published by the Dutch government wasn't susceptible to that attack because it used the PolarisSSL software.

I'm aware, it's just qutebrowser's default. I set it to start page after I figured out how to edit config.

I've turned out to really like openbsd, especially cwm. Installed it on my second laptop and a third time tonight on my freshly built PC. Outside of not comprising the base installation with insecure programs, is there anything I should be doing security wise besides routing traffic through VPN?

Any anons on the fence about it, it really is a piss easy install and I don't find it inconvenient for standard consumption needs after you get html5 working in browser. It's a good clean simple OS.

PolarSSL, which is now known as mbed TLS and seems to be owned by ARM

tls.mbed.org/

fuck off

reminder: anime is not part of the board culture
it is engaged with by quite a small minority

it is first grade jewish shit designed to lure white nerd retards to the japanese conquest and to condition japanese people to be more open minded to western invasion (seeing western values and western physical traits in the context of japan (anime characters that represent homogenous japanese are portrayed as being blond/blue eyes etc.)

and anyway, the writing is almost all objectively crap. it's just technically bad.

reminder: anyone who says this is full of shit or misinformed

Anime is a huge part of chan culture, from which we originated. It comes from Japan, one of our true allies and a country that is pro-nationalism/pro-isolationist/anti-immigration.

And the writing is better than most.

Or it's because the Japs don't see them self as Asian, and are more likely to compare them selves to Europeans, to show their superiority to chinks and gooks.

Discord is really high quality free software that invites you to join, make an account, and encourages you to talk with many people across communities.
I dont understand how anybody could think its not pozzed

BRO DO YOU EVEN HAMMER?

These days it is, but that's because the fanbase and those working in the industry (who are also part of that fanbase) don't know what the fuck they are doing and have no real ability or run out of good ideas by the end of something. It is increasingly becoming more pornographic and sooner or later will be mostly porn. That is likely thanks to western influence in part, but also the fact that they classically ruled over their women rather severely and now the women are treated more equitably, some of the men reveal their true weaknesses by sulking and having rape/cuck fantasies of innocent girls being treated like dirt.

so is Terry actually using his TempleOS to create these videos and livestream from?

What about using Windows 95 or Windows 98se ?

dont talk to me or my waifus son ever again

I want to troll really fuckin hard.
What do I need to not get into trouble?

I need an OS? So which one?
I need a browser? Is Firefox ok?

OpenBSD is god-tier when it comes to mixing ease of use and 'OOB' security.
You seem to know not to install services you won't need, so I'll spare you that.
Outside of sandboxing (either with a chroot or another account) the browser (or anything that uses webkit, really) and possibly encrypting drives, there's very little you need to do in order to run a secure OS.

Daily reminder that using OpenSSL libs is akin to spreading your asscheeks wide open for daddy.
LibreSSL or bust.


You'll certainly want to use TempleOS. Sure, you'll only troll yourself, but it'll spare everyone else the time to spoonfeed you what's already been posted ITT.
PS: Firefox is not ok

I've been wanting to switch. How easy is it to migrate to Libre?

What're you running?

It's supposed to be a drop-in replacement, and some things will just werk, but you'll find some packages simply don't like non-poz. For these, you'll either have to find the same package prebuilt supporting LibreSSL, or you'll have to rebuild from source using LibreSSL libs.
It's rock solid once you've migrated, though. I use it on every platform now.

A bunch of garbage, Nextcloud, letsencrypt, and a file uploader. I'd double check but my server is down for now until I figure out a way to not ear rape myself constantly with the noise (it's a cheap surplus rack server that I got for $150 on ebay).

This. I've taken apart many Macs and it's impossible to my knowledge to start the camera without the light going off. It's hard wired. Don't know about PCs though.

How easy it'll be depends greatly on the distro you have on there.
Webapps should be fine; most platforms/servers have at least patches to make their code work with libressl.

Yea, I'd make immediate use of it.

What do you mean by sandboxing the browser? I'm using qutebrowser for my primary use, iridium for stuff that breaks and mpv for playing any videos atm.

What's the verdict on slackware? Desktop I just built isn't taking oBSD nearly as well as my thinkpads/powerPC, keep getting crashes for some reason, curious to try slackware. they seem like good guys.

Well done, and those trips to boot. Chapeau.

They will have to pry my memes from my cold, damp hands.

Cool. I'll try to whip it up within the next couple of days or so.

That's sort of exactly the point. If everyone and their mother did opsec, they'd have to sink 100 times the resources and work their asses off only to find out information that is completely worthless.

Where can one find collections/archive of privacy & security infographics?

Post some please.

Bronieware works user. I dont even go to the track.

It actually depends on what your end goals are. Read Sun Tzu.

This is MWO Faggot in 2134, stop watching trap porn Dana.

How secure is using 4G/LTE?

sage

none of that equipment has systemd on it. most of that equipment does not even have unix on it.

You're kidding, right?

Any recommendations for non-systemd distros? Alpine's installer is fucking broken and I don't want to spend half a day dealing with it. I would just use FreeBSD but my GPU isn't supported and I need the ability to run VM's with pretty good graphics performance.

Can you expand on that?

Your location can be triangulated using cell phone towers. You are automatically identified because you pay for phone service, that also has a phone number associated with it, and your traffic is logged in addition to being swept up by intelligence agencies. The Snowden leaks showed us just a glimmer of what the NSA was capable of and they fucked with phone companies a lot. I'm not trying to be mean but you have a poor understanding of technology if you think you are secure(e.g., avoid the mass surveillance programs and bulk data collection by 3 letter agencies) by using 4G/LTE for your internet connection.

You also have to pay for a cable Internet connection

Please stop thinking you are secure using 4G/LTE. You need to use different hardware other than x86-64(blog.invisiblethings.org/papers/2015/x86_harmful.pdf) and need to stop using software that doesn't respect your freedom. Even then, only put personal/sensitive information on a computer that's air-gapped. Although your phone is probably using an ARM processor, it's still not safe due to the software running on it and its intrinsic design. You have to remember that these devices were created to extract information from you and feed it to advertisers.

Bump.

Oy vey there's nothing of the sort going on goy, with Jews you win.. we would never harm you!! We're G-D's chosen after all… how could we do such things:
wired.com/2015/07/researchers-hack-air-gapped-computer-simple-cell-phone/
theintercept.com/2016/10/17/how-israel-became-a-hub-for-surveillance-technology/
counterpunch.org/2009/03/12/israeli-spying-in-the-united-states/
wired.com/2016/11/great-now-even-headphones-can-spy/
Oy gevalt this is blood libel, this is another holocaust!!! Chaim shut it down

To the anons who worry about NoScript's whitelist and JS in general:
Setting javascript.enabled to false in about:config obviates the need to worry about JS.
Firefox also permits preference locking so that e.g. no addon can change defined preferences:
kb.mozillazine.org/Locking_preferences

Tails within a shell and not run live off of a USB? How is that more secure? If your host OS is compromised they'll be watching what you do, stupid nigger. Go read the Tails website and learn how to use it effectively.

NO IT ISN'T YOU FUCKING NIGGER
READ THE FUCKING DOCUMENTS
The CIA made a special trojan horse Portable VLC that can be given to a willing patsy with instructions to use the special VLC player on the USB stick to watch some videos.


You are much closer, but if I'm reading the documents right, the trojan Portable VLC used the official VLC binaries but exploited DLL hijacking (blame Windows) to put extra CIA-ware into the loaded program. This is a very solid argument for mounting removable media "noexec". Oh wait, Windows doesn't have that option… I think Windows is your problem here.


Portable VLC had a minor vulnerability to DLL hijacking. I say "minor" because an attacker can't exploit it without being in a position to replace the main VLC binary. DLL hijacking is fundamentally a Windows problem and affects nearly every program on that abomination of an OS. Read the documents. The same trojan that could be used with VLC could also be used with several other programs, including a few portable virus scanners.


This where Free Software is good–don't patent, simply publish. Remember that if you apply for a patent, you are making a deal with the government. That bargain gets surprisingly Faustian if you actually look into it. In the USA at least, precedent strongly leans towards source code being protected free speech–as in the government basically surrendered just before the final ruling would have been made and got the case dropped as moot rather than officially setting the precedent.


NO IT CAN'T YOU PARANOID NIGGER
The supporting circuits are almost completely different between driving a display and reading an image sensor. To make this even dumber, THERE ARE NO FOCUSING OPTICS ON A FUCKING DISPLAY. EVERY SINGLE PIXEL WOULD SEE AN AVERAGE OF THE ENTIRE FIELD OF VIEW.


>If you ever think you might be outmatched, remember that the CIA hires bronies.
THIS—-FUCKING THIS
They have one critical (and exploitable) weakness–they cannot leave the shadows. Stand in the light. Snowden revealed that "target's technical sophistication" was an inhibiting factor for NSA exploits.
If you can catch them, you can announce what you have found and they can do NOTHING!
They can't even try to punish you under some bullshit law–trying that would force them to admit you blew out their toys.
They can't stand the light.


Busting anons constitutes hard proof of those activities. They won't dare because there are much bigger fish than us out there.

Ever since this whole systemd thing took off, all I ever wanted was just to have my old sysvinit system back. I've heard OpenRC is good, but obviously I would prefer something I already know. Are there any distros left that still support sysvinit or is there a fork out there that has good distro support?

As I understand, OpenRC actually uses sysvinit for PID 1, but has a different model for the scripts that manage userspace daemons.
OpenRC really is better than the traditional SysV model. I use OpenRC on my Gentoo boxen. There's a bit of a learning curve, but things get easier after you're past it.

With Gentoo, I have finished the handbook-install but can't get my intel wi-fi drivers (propietary) set up, especially from the command line. Also have little to no clue on how to get from a basic command line install to some desktop environment. I would read the shit out of a good Gentoo how-to guide

Also sorry for double post, but how do opsecfags deal with Intel's Management Engine and AMD's PSP? How much of a risk is it to you and do you still use modern hardware?

blend in. when you need to do something, get a laptop off craigslist, do your work for a few weeks, wipe and destroy or sell again, repeat

EVERY user NEEDS TO WATCH THIS MOVIE

Security by obscurity, then. Secondhand laptop paid in cash with not your real name used from public WiFi far from your house with no CCTV

Reminder that with the IoT, every device, no matter how innocuous, will have a wifi on it and will be sending data.

This includes the CPU in your computer.

en.wikipedia.org/wiki/Intel_vPro

sierrawireless.com/products-and-solutions/embedded-solutions/iot-modules/

ProtonVPN by the same people who created and run protonmail.

Gentoo. Calculate Linux. Devuan Linux. Void Linux. Slackware/Slax.
All lack systemd.

if you go gentoo, make sure you set
FEATURES="${FEATURES} parallel-fetch webrsync-gpg cgroup collision-protect candy fakeroot fail-clean ipc-sandbox network-sandbox userpriv usersandbox usersync strict stricter"
in your make.conf
also, use the gentoo hardened profile. And go find the RNG patch in LKML that Linus rejected. it makes your system _much_ more secure.

bump

that is a huge problem with most niave security, that at some point the key is in RAM, or some kind of buffer unencrypted.

there was also a big hubbub a few years ago where weird commits were being made to truecrypt, and the developers up and left.
A weird message appeared on the sourceforge page:

I've lost a hard drive and likely a motherboard this year.
You must learn to peotect yourselves. They're already attacking potential stores of leaks.

All hardware is backdoored, it's pointless.

I know someone who was a CI to work off drug related charges. He never had to wear a wire or camera, he was just put under oath by a judge and signed an affidavit confirming what he saw and heard. After his handlers trusted him, he didn't even have to go under oath, law enforcement could make a bust just based on "information from a reliable source"

Tails OS, throwaway e-mails, perhaps buy a google voice account on the darknet for a few dollars. Don't become an infamous troll, I've been there done that, if you want peace of mind keep all of your operations separate and don't be an attention whore and try to claim fame for trolling people. If you piss off enough people someone is going to come after you, and it will be much easier to find you if all of your actions are connected through a pseudonym and/or social media account.

Hey Holla Forums I've got a question. Apparently I'm banned for a post I didn't make on my IP address, I'd screencap it and post it but this is slow as shit anyway, the post was a stupid shitpost about being 120% aryan and sockpuppet ban etc.

Either way, I'm 100% sure it wasn't me and this makes me question the security of my computer, what are the chances some Holla Forums shitposter has a RAT on my computer or something similar to shitpost through me and what can I do to fix this shit short of reformatting my drive?

I don't see any unusual processes active right now.

Or could this just be a bug and I'm overrating?

You likely just got caught in a rangeban. AKA someone in your neighborhood was ban evading. Did you appeal it?

I would have, but it says it was appealed and denied. The ban atleast expires in a week. I'm hoping its just a range ban but I live in a sort-of rural area so I'd assume the odds of some cuck living next to me doing this is low.

Thanks for the quick reply before I pulled my hair out though, I didn't think of that. I'm not the best at computers.

Post a screencap of your ban.

Alright bud if you insist

Your ban has been lifted. Have a good day, user.

Thank you very much.

Referring to this? git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c2557a303ab6712bb6e09447df828c557c710ac9
these two are a pain and don't provide a huge benefit, especially the first
unless I'm missing something?


0bin.net/paste/yRlpgQFSRbDUOkuk#j5oHmeKo7frq-EcYKfssMeA3r2s4eAKDQ6mDVTyoSj5
Sorry for how long it took to put this up here, I may or may not have forgotten.
feel free to ask questions or provide input.


using iwlwifi, perchance?
that driver has given many people hell
you likely need the blobs for your card in addition (something you may not want, but necessary if you want to use that card)
check out the linux-firmware package


you deal with it by not using it or getting something that supports autoboot
quite simple really, on hardware I don't trust I don't do anything that can land me in hot water.

You're 100% correct. I can't tell you how many times I've heard idiots advocate for VPNs, but still log into their cloud services. Look at how easy it was to get jew_goldstein.

Get the ip. Phone up apple, which accounts have been accessed by this ip address, thank you, done. The same approach was applied to the operator of Kickass Torrents.

jew_goldtein was caught because he sent an apology and donated money to a seizure charity, which the scum sucking kike then used against him.

He got fucked because he showed mercy, and paid a heavy price.

The KAT guy got caught because he logged into kikebook with the same browser he used to manage the site.

The FBI contacted both facebook and Apple in the jew_goldstein case.

As for the KAT guy, I know Apple and Facebook were involved as well. If I recall, they set up a sting advertisement deal to force him to reveal a bank account he controlled, which he had linked to his real life iTunes account with a CC.

The overaching point is that you even if you take strong steps to protecting your privacy, it has to be absolutely air tight. Cloud services have their uses for normie shit, but they can and WILL be used against you.

%s/Format your external medium with ext2/Format your external medium with ext4/g

bump

pol's Guide to OPSEC 8ch-net-pol
https ://www.scribd.com/document/341454788/pol-s-Guide-to-OPSEC-8ch-net-pol-pdf

ENCRYPTION TOOLS COLLECTIONS
http ://www.mediafire.com/?d6z5da2h5tlkw
https ://archive.org/download/ENCRYPTIONTOOLSCOLLECTIONS

OPSEC MEGA COLLECTION.zip 387 MB Download

archive.org/details/OPSECMEGACOLLECTION

Tech-literate normie-illiterate here.
What's the most normie-friendly configuration without going full j-u-s-t and how do I get my fam and bros to cooperate?